Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2011-1999Microsoft Internet Explorer vulnerability

5 documents5 sources
Severity
9.3CRITICALNVD
EPSS
42.5%
top 2.53%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
1
Microsoft Internet Explorer
Timeline
PublishedOct 12
Latest updateMay 13

Description

Microsoft Internet Explorer 8 does not properly allocate and access memory, which allows remote attackers to execute arbitrary code via vectors involving a "dereferenced memory address," aka "Select Element Remote Code Execution Vulnerability."

CVSS vector

AV:N/AC:M/C:C/I:C/A:CExploitability: 8.6 | Impact: 10.0

Affected Packages1 packages

Patches

Patch: docs.microsoft.comPatch: docs.microsoft.com

🔴Vulnerability Details

1
GHSA
GHSA-fcq9-gv39-5hfr: Microsoft Internet Explorer 8 does not properly allocate and access memory, which allows remote attackers to execute arbitrary code via vectors involv2022-05-13

💥Exploits & PoCs

1
Exploit-DB
Microsoft Internet Explorer 8 - Select Element Memory Corruption2011-10-11

🕵️Threat Intelligence

1
Zscaler
Zscaler found Multiple Security Vulnerabilities | 11-11-2011

💬Community

1
Bugzilla
CVE-2009-5022 libtiff ojpeg buffer overflow2011-04-12
CVE-2011-1999 — Microsoft vulnerability | cvebase